CVE-2003-0825

Microsoft Windows Server <2003 - DoS

Title source: llm
STIX 2.1

Description

The Windows Internet Naming Service (WINS) for Microsoft Windows Server 2003, and possibly Windows NT and Server 2000, does not properly validate the length of certain packets, which allows attackers to cause a denial of service and possibly execute arbitrary code.

References (10)

Core 10
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15037
Third Party Advisory, US Government Resource third-party-advisory government-resource x_refsource_ciac
http://www.ciac.org/ciac/bulletins/o-077.shtml
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/3903
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A801
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A800
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A704
Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/9624
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A802
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/445214

Scores

EPSS 0.1210
EPSS Percentile 95.7%

Details

CWE
CWE-20
Status published
Products (8)
microsoft/windows_2000 (5 CPE variants)
microsoft/windows_2003_server
microsoft/windows_2003_server enterprise
microsoft/windows_2003_server enterprise_64-bit
microsoft/windows_2003_server r2
microsoft/windows_2003_server standard
microsoft/windows_2003_server web
microsoft/windows_nt 4.0 (23 CPE variants)
Published Mar 03, 2004
Tracked Since Feb 18, 2026